<?php
if (isset($_GET['user']) && isset($_GET['passkey']))
{
	$user = $_GET['user'];
	$passkey = $_GET['passkey']; //pendiente codificar

	require_once('common/connectdb.php');
	//XML output of an existing MySql database 
	//header("Content-type: text/xml");
	

	$ConnectDB = new ConnectDB();
	$qValidateUser = "SELECT * FROM tb_user WHERE user='$user' AND user_password='$passkey'";
	$rValidateUser = $ConnectDB->run_query($qValidateUser);

	if(mysql_num_rows($rValidateUser)!=0){
		$row = mysql_fetch_array($rValidateUser);
		echo "<code>0</code>
			<session>
				<userName>".$row['user_name']."</userName>
				<userLastName>".$row['user_lastName']."</userLastName>
			</session>";
	} else {
		echo "<code>1</code>";
	}
} else {
	// Access forbidden:
	header('HTTP/1.1 403 Forbidden');
}
?>
